Uploaded image for project: 'Red Hat 3scale API Management'
  1. Red Hat 3scale API Management
  2. THREESCALE-11884

Unable to set ApplicationKey by ApplicationAuth CR when using OIDC auth

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • 2.15.3 GA
    • 3scale Operator
    • False
    • Hide

      None

      Show
      None
    • False
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Workaround Exists
    • Hide

      Delete existing ApplicationKey by using Admin API below before resetting it by ApplicationAuth CR.

      DELETE /admin/api/accounts/{account_id}/applications/{application_id}/keys/{key}.xml
      Show
      Delete existing ApplicationKey by using Admin API below before resetting it by ApplicationAuth CR. DELETE /admin/api/accounts/{account_id}/applications/{application_id}/keys/{key}.xml
      1. Create product by Product CR with oidc authentication.
      2.  Set application key by following kcs 

      In case that product is deployed by Product CR and configured oidc as an authentication like the following:

      apiVersion: capabilities.3scale.net/v1beta1 
kind: Product  
 ...
spec:
  ...
  deployment:
    apicastHosted:
      authentication:
        oidc:
          issuerEndpoint: <IdP issuer URL> 
          issuerType: keycloak
   ...

       

      when attempting to set ApplicationKey ( i.e. oidc client secert) by ApplicationAuth CR, it fails with the following message in the status of ApplicationAuth CR even though it's the first attempt.

       

        status:
    conditions:
    - lastTransitionTime: "2025-07-16T05:52:52Z"
      message: ApplicationKey limit reached a maximum of 5 keys allowed
      status: "True"
      type: Failed

              rhn-support-atra An Tran
              rhn-support-hmiura Hiroko Miura
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: